- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Securing an infoobject in a query
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Securing an infoobject in a query
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2009 11:29 AM
Hi
There are a few users who have access to BEx Query Designer and create most of their reports by Company Code. Company code is authorization relevant Info Object. I want to give access to this object in such a way that depending on the user access to specific company codes, it dispalys only those company codes when they use in a query, how can i achieve that. This should be applicable to any query in which they are using company code
Thanks
Rashmi.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2009 10:31 AM
Hi Rashmi,
When you define the query you have an option to define a variable. You need to define your query variable as 'Processing by Authorization'. For example if you define a Company Code variable like this and use it in your query then the query selection will populate the options with the Company Code values you have in your authorizations.
You can also do some pre-processing on the values populated in here using one of the 'I_STEP's in the function module Tom referred to (RSR00001). I think it's I_STEP=1 but you would have to check with an ABAPer.
I hope this helps.
Best Regards,
Richard
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2009 1:30 PM
Hello,
Make use of analysis authorization to restrict your infoobjects. T-code rsecadmin can be used for this.
Here you can create auth objs for BI to restrict your data based on ifoobjs.
Regards,
Brahmeshwar
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2009 2:16 PM
Hi Rashmi,
One option you may consider is an automated import of the company code authorisations from the users' R3 access into a DSO within the BI system, which you may then reference through the roles and analysis authorisations as a variable.
Editing the user exit in function modules to reference the entries in the DSO when a variable (e.g $BUKRS) is then possible, although this will require a lot of effort from BI, ABAP and yourself to implement, it gives you the option to dynamically allow access to the applicable company codes and carries the advantage that if R3 access changes, BI reporting will also be updated
I think the FM is RSR00001in transaction CMOD
Hope this helps,
Tom
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2009 10:31 AM
Hi Rashmi,
When you define the query you have an option to define a variable. You need to define your query variable as 'Processing by Authorization'. For example if you define a Company Code variable like this and use it in your query then the query selection will populate the options with the Company Code values you have in your authorizations.
You can also do some pre-processing on the values populated in here using one of the 'I_STEP's in the function module Tom referred to (RSR00001). I think it's I_STEP=1 but you would have to check with an ABAPer.
I hope this helps.
Best Regards,
Richard
- SAP Managed Tags:
- Security
